Slashdot Mirror


Researcher Finds Simple Way of Backdooring Windows PCs and Nobody Notices for Ten Months (zdnet.com)

A security researcher from Colombia has found a way of gaining admin rights and boot persistence on Windows PCs that's simple to execute and hard to stop -- all the features that hackers and malware authors are looking for from an exploitation technique. From a report: What's more surprising is that the technique was first detailed way back in December 2017, but despite its numerous benefits and ease of exploitation, it has received no media coverage, nor has it been seen employed in malware campaigns. Discovered by Sebastian Castro, a security researcher for CSL, the technique targets one of the parameters of Windows user accounts known as the Relative Identifier (RID). The RID is a code added at the end of account security identifiers (SIDs) that describes that user's permissions group. There are several RIDs available, but the most common ones are 501 for the standard guest account, and 500 for admin accounts.

Castro, with help from CSL CEO Pedro Garcia, discovered that by tinkering with registry keys that store information about each Windows account, he could modify the RID associated with a specific account and grant it a different RID, for another account group. The technique does not allow a hacker to remotely infect a computer unless that computer has been foolishly left exposed on the Internet without a password. But in cases where a hacker has a foothold on a system -- via either malware or by brute-forcing an account with a weak password -- the hacker can give admin permissions to a compromised low-level account, and gain a permanent backdoor with full SYSTEM access on a Windows PC.

94 comments

  1. Cite please? by NewtonsLaw · · Score: 4, Interesting

    Can we have a link to material that might verify this claim?

    1. Re:Cite please? by olsmeister · · Score: 1

      It sounds simple enough that you should be able to verify yourself pretty quickly.

    2. Re:Cite please? by Anonymous Coward · · Score: 0

      The claim sounds very simple, and is very probably true.

      Castro, with help from CSL CEO Pedro Garcia, discovered that by tinkering with registry keys that store information about each Windows account, he could modify the RID associated with a specific account and grant it a different RID, for another account group. The technique does not allow a hacker to remotely infect a computer unless that computer has been foolishly left exposed on the Internet without a password. But in cases where a hacker has a foothold on a system -- via either malware or by brute-forcing an account with a weak password -- the hacker can give admin permissions to a compromised low-level account, and gain a permanent backdoor with full SYSTEM access on a Windows PC.

      (FTFS)
      So, if you already have access to the registry, you can change the privileges of an account.
      Since the registry is admin/system restricted, this means that if you can get temporary admin access, you can get permanent admin access. When put in this form, the attack falls into the category of "uselessly complicated way of doing something you could do an easier way."

      Maybe it's easy to script into a code escalation exploit, but there are already easy ways to change access levels with temporarily escalated powershell commands.

    3. Re:Cite please? by Anonymous Coward · · Score: 5, Interesting

      There are so many errors in TFS that it is hard to say. First, a RID does not describe the user's groups. A RID is simply an offset applied to the computer SID that is incremented by one for each new user account. So that's wrong. Yes, the first RID created is for the administrator account and it is indeed *computer SID*-500. But that doesn't equate to permission groups. Next, it says that you can do this with an unprivileged user. You can't. You have to have admin in order to make the change to the HKLM\Software\Microsoft\Windows NT\CurrentVersion\ProfileList and associated areas where you would be able to make this change. So if you already have admin, there isn't much point in this.

    4. Re:Cite please? by Gravis+Zero · · Score: 3, Informative

      Can we have a link to material that might verify this claim?

      A search of "RID Hijacking" revealed (among other things) a commit to Metasploit on Feb 20. (likely merged in from a fork)

      Git commit dates can be faked so there is also an announcement from @BlackHatEvents about it from June 24.

      I'm quite inclined to believe their claim.

      --
      Anons need not reply. Questions end with a question mark.
    5. Re:Cite please? by hwihyw · · Score: 4, Interesting
    6. Re:Cite please? by Anonymous Coward · · Score: 2, Funny

      Linux has a similarly catastrophic security hole :

      Once you get root access, edit /etc/passwd and change the uid for your username to 0.
      Persistent root access for your unprivileged user!

    7. Re:Cite please? by Anonymous Coward · · Score: 0

      If one already has the requisite "SYSTEM" permissions to be able to diddle with the SAM, then what is the point in diddling with the SAM?

      Just to prove that once you have bypassed ass security you have bypassed all security?

    8. Re:Cite please? by LesFerg · · Score: 4, Insightful

      Precisely.

      "Hey everyone I have a Windows backdoor!!! Just give me admin access and let me edit your registry file."

      Where is the news?

      --
      If I had a DeLorean... I would probably only drive it from time to time.
    9. Re:Cite please? by Anonymous Coward · · Score: 0

      More for a persistent security bypass.
      If you have a means to get SYSTEM permissions for the active boot session via some obtuse method, this is an easy programmatic way to persist the escalation onto a low-visibility account for later use.

    10. Re:Cite please? by Bert64 · · Score: 1

      The point is to retain administrative access while not being detected, the extra complication is not useless if it reduces the chance of the backdoor being detected (and thus removed, resulting in you losing administrative access).

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    11. Re:Cite please? by Anonymous Coward · · Score: 0

      https://github.com/rapid7/meta...

      def run
        # Registry key to manipulate
        reg_key = 'HKLM\\SAM\\SAM\\Domains\\Account\\Users'
        # Checks privileges of the session, and tries to get SYSTEM privileges if needed.
        print_status("Checking for SYSTEM privileges on session")
        unless(is_system?())
          if (datastore['GETSYSTEM'])
            print_status("Trying to get SYSTEM privileges")
            if get_system
              print_good("Got SYSTEM privileges")
            else
              print_error("Could not obtain SYSTEM privileges")
              return
            end
          end
        end
        # (excerpt ends here; the rest of the module is not quoted)
      end

      This is the part everybody is talking about. You need root to get root. Not much of an exploit.

      --Highdude702(mods)

    12. Re:Cite please? by Anonymous Coward · · Score: 0

      No, the equivalent in Linux would be more along the lines of elevating the account by writing to /etc/sudoers. When you look at the account permissions it still shows the group it is a member of while granting it the hijacked permissions. If you wrote to /etc/passwd it would clearly show that the account is a member of w/e group you changed it to. Writing to /etc/sudoers however, you could still have /etc/passwd show the account is in a low privilege group while executing with root privileges. However, this is still not a true equivalent because if you disabled the account via /etc/passwd you should not be able to login regardless of what /etc/sudoers has in it.

      The technique is all about maintaining a stealth persistence, arguably a backdoor.

    13. Re:Cite please? by f3rret · · Score: 1

      Any admin worth their salt is just going to monitor usage of administrative privileges, so if a user who is not supposed to have those privileges suddenly uses them, it's pretty clear what is going on.

      --
      Admit nothing. Deny Everything. Make Counter-accusations.
    14. Re:Cite please? by Bert64 · · Score: 1

      Which is the whole point, many people are simply monitoring users who are in the administrators group - and this attack creates a user with administrative privileges while not being a member of the group. If your monitoring depends on such criteria, then this attack defeats it.

      No monitoring strategy is flawless, there are so many things you could keep track of but you also need to eliminate the noise generated by legitimate activity. If you just log everything you'll be flooded with data all day long, if you filter too much or log too little then you will miss things. It's extremely difficult to strike the right balance, especially when strategies such as this are discovered which invalidate previous assumptions about logging and alerting.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  2. It's Windows so, duh by Anonymous Coward · · Score: 0

    Groundhog day.

  3. How can I RTFA.... by Anonymous Coward · · Score: 0

    When there is no link?

  4. Remote Access by Major+Blud · · Score: 1

    But in cases where a hacker has a foothold on a system -- via either malware or by brute-forcing an account with a weak password

    If that's the case, I don't think the hacker needs to worry much about mucking around in the Registry to get administrative access.

    --
    If you post as Anonymous Coward, don't expect a reply.
    1. Re:Remote Access by ole_timer · · Score: 1

      yeah, once you're on the system and can manipulate the registry you have privs to just create an account with whatever privs you want. doh.

      --
      nothing to see here - move along
    2. Re:Remote Access by jbmartin6 · · Score: 2

      You would need admin access to make the change in the first place, this is just a persistence mechanism. There are so many others it is no surprise this one isn't seeing any use.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    3. Re:Remote Access by jbmartin6 · · Score: 1

      This is also an old technique, at least on the Unix side, where attackers would create a new account with UID 0.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    4. Re:Remote Access by Anonymous Coward · · Score: 0

      So in order to be able to apply a registry hack to grant admin access, I'd have to already have admin access.

      OH NOES. How is this different from just using the admin access to grant the rights to begin with, other than visibility if someone goes looking in the "Administrators" group?

    5. Re:Remote Access by hey! · · Score: 2

      I think you're missing the point of the back door. Sure, it doesn't enable the attacker to do anything he couldn't otherwise do right now, but you don't necessarily want to do anything right now. This could be because the machine doesn't have the information you want to steal yet, or because you want to interfere with something the user may be involved with in the future (e.g., conducting a military or political campaign).

      The problem is just because you can get in now doesn't guarantee that the system won't get patched later, or passwords updated, or malware files scanned. Any kind of vulnerability you leave behind could simplify your job later.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    6. Re:Remote Access by ole_timer · · Score: 1

      there's no guarantee that the path in will be there either...persistence requires the entire path be there too...

      --
      nothing to see here - move along
    7. Re:Remote Access by hey! · · Score: 1

      Well, if you want guarantees, hacking isn't for you.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
    8. Re:Remote Access by im_thatoneguy · · Score: 1

      The only thing I can think of is that you could allow an application "registry access" when you're looking at the requested permissions.

      So like a phone says "This application wants access to your GPS location" you might be willing to grant it GPS location but not microphone data. So you could grant a user registry access thinking that it's a one time limited permission of the installer to modify the registry but instead you end up with an application creating an admin level account.

      Then again... a keylogger would be way easier to install in the BG.

    9. Re:Remote Access by viperidaenz · · Score: 1

      You don't grant an installer just registry access, you grant it all access.
      There's nothing stopping the installer from using the regular APIs for modifying local users after you've given it local admin access.

  5. If you can add someone to the administrator group. by Kaenneth · · Score: 5, Funny

    "Oh yes, I thought of something," panted Ford.

    Arthur looked up expectantly.

    "But unfortunately," continued Ford, "it rather involved being on the other side of this airtight hatchway."

  6. And Microsoft doesn't care by Anonymous Coward · · Score: 0

    They're too busy working on Candy Crush and Microsoft Authenticator ads to worry about back doors. You had the chance with the penguin, but you turned him down.

  7. Re:If you can add someone to the administrator gro by ole_timer · · Score: 1

    +1

    --
    nothing to see here - move along
  8. I love HOSTing in my back door... apk by Anonymous Coward · · Score: 0

    Fill me up!

  9. The other side of the airtight hatchway by Anonymous Coward · · Score: 0

    To execute this attack you need to write certain registry keys.

    The only way you can write those keys is if you're... wait for it... Administrator.

    This is a non-issue.

    1. Re:The other side of the airtight hatchway by MachineShedFred · · Score: 1

      It could be thought of as a very slight issue.

      Someone could combine a privilege escalation attack with this to persist a user that is an admin, without visibility. E.g. they would essentially be in the "Administrators" group without showing up in that group.

      Yes, this is incredibly sensationalized for what it is. There are far bigger risks if some rogue process or actor has administrative privileges to begin with. Once you're owned, you are already owned.

      --
      Slashdot still doesn't support Unicode after it was added to the HTML standard in 1997.
  10. Why bother granting admin privileges by nadass · · Score: 1

    Why bother granting administrative privileges when the device is physically accessed and any nefarious payloads can already be executed?! Just because a "slow-burn" strategy might be employed to take down a target network, that doesn't make this "vulnerability" a big deal. Instead the underlying issue is that when poor security practices are employed and registry access is readily offered... anything bad can happen, from granting elevated privileges or printing out codes for the nuclear fusion reactors.

    Sure, it's a bit of an issue, but the only sensible fix is to store all RID-encoded permissions into an alternate location (cloud) which is not otherwise accessible on the local machine. But then all Windows machines would *require* internet access... or all log-ins would be susceptible to man-in-the-middle attacks during authn/authz checks against the cloud (or proximate central auth directory).

    Come to think of it, the solution already exists: domain-join all workstations against a locally-deployed AD. Yay, problem solved.

  11. What I would really like to see by bobstreo · · Score: 0

    is a worm/virus that installs linux on a target system (overwriting windows) with a background that says something like:

    "You're too stupid to be allowed to run windows"

    1. Re:What I would really like to see by viperidaenz · · Score: 2

      "You're too stupid to be allowed to run windows, so here's something that's harder to use and easier to fuck up"
      Good one.

  12. There is nothing to notice by Zero__Kelvin · · Score: 1

    This is the equivalent of a Linux newbie who fancies himself a "security researcher" discovering that the root user can add any user to any group and thinking he thought of a new "trick" and found a "vulnerability."

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    1. Re:There is nothing to notice by 110010001000 · · Score: 1

      Exactly. The old trick of adding "rroot" to /etc/passwd with uid 0 and hoping no one notices.

    2. Re:There is nothing to notice by snapsnap · · Score: 1

      Or can change UIDs in /etc/passwd. That's the Linux equivalent of this.

    3. Re:There is nothing to notice by Kaenneth · · Score: 1

      If I could force one change on Linux, I would make the root uid random/settable per system.

      It's too easy to fuckup having the uid be the default value of unused memory.

      For example, when I was first learning Linux I set up a fax-to-web server with every step under its own user. Fax modem to raw image was FAXRCV, raw image to pages/thumbnails/ocr processing was FAXIMG, images/data to intranet site was FAXSRV; each only had access to the programs/paths needed for their job.

      But I launched them all using a program that expected numeric user *numbers* not user *names*, and the default parsing of atoi for "FAX???" is 0, so it launched them all as root.

      I figured that out on my own before too long, and the machine was never internet visible; but a zero is easier to slip into malicious code than something like a "GetSystemRootUID()" function call.

    4. Re:There is nothing to notice by viperidaenz · · Score: 1

      and now you've learnt to validate your inputs.

    5. Re:There is nothing to notice by Anonymous Coward · · Score: 0

      Or just use strtol instead of atoi like a normal person.
      And check the error conditions.
      My only nitpick is that they chose this impossible interface.
      It should have just returned a success or error code, and pass the value through a pointer argument.

    6. Re:There is nothing to notice by techno-vampire · · Score: 1

      If I could force one change on Linux, I would make the root uid random/settable per system.

      I don't think that would work the way you expect. Under *nix, there's nothing special about the username "root". You can change it to anything you want and it still works the same. The magic is in the userid of 0 and changing it the way you suggest would require that every program that needs elevated privileges would have to be rewritten to find out what that userid is on this system every time it's invoked, adding an extra layer of complexity. (This, of course, assumes that those programs check to see what user is running them to find out if they have permission to do what's needed. If not, it might not be an issue.)

      --
      Good, inexpensive web hosting
    7. Re:There is nothing to notice by Bert64 · · Score: 1

      Except /etc/passwd is an easily human readable text file, making such a change trivially easy to notice.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
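
The atoi mistake and the extra UID 0 account trick discussed in the thread above, as an added example (not code from any commenter or project): a strict UID parser in the status-code-plus-pointer style suggested there, then used to audit passwd-format lines. The function names and the sample lines are constructed for illustration, and strtoull stands in for strtol so the full unsigned UID range fits.

```c
/* Added example: strict UID parsing and a UID-0 audit of passwd-format lines. */
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

enum uid_status { UID_OK, UID_EMPTY, UID_NOT_NUMERIC, UID_OUT_OF_RANGE };

/* Parse a decimal UID. The result comes back as a status code and the value
 * goes through a pointer, so "0" and "not a number" can never be confused.
 * (Hypothetical helper; strtoull is used so the unsigned UID range fits.) */
enum uid_status parse_uid(const char *text, uid_t *out)
{
    const uid_t invalid = (uid_t)-1;   /* reserved value, never a real UID */
    unsigned long long value;
    char *end = NULL;

    if (text == NULL || *text == '\0')
        return UID_EMPTY;
    /* strtoull skips leading blanks and accepts a sign; require a digit. */
    if (!isdigit((unsigned char)text[0]))
        return UID_NOT_NUMERIC;
    errno = 0;
    value = strtoull(text, &end, 10);
    if (*end != '\0')
        return UID_NOT_NUMERIC;        /* trailing junk, e.g. "12abc" */
    if (errno == ERANGE || value >= invalid)
        return UID_OUT_OF_RANGE;
    if (out != NULL)
        *out = (uid_t)value;
    return UID_OK;
}

enum finding { ENTRY_OK, ENTRY_EXTRA_UID0, ENTRY_MALFORMED };

/* Classify one "name:passwd:uid:gid:gecos:home:shell" line. */
enum finding audit_passwd_line(const char *line)
{
    char buf[512];
    char *name, *uid_field, *p;
    uid_t uid = 1;

    if (strlen(line) >= sizeof buf)
        return ENTRY_MALFORMED;
    strcpy(buf, line);
    buf[strcspn(buf, "\n")] = '\0';

    name = buf;
    if ((p = strchr(buf, ':')) == NULL)        /* end of the name field */
        return ENTRY_MALFORMED;
    *p++ = '\0';
    if ((p = strchr(p, ':')) == NULL)          /* end of the password field */
        return ENTRY_MALFORMED;
    uid_field = p + 1;
    if ((p = strchr(uid_field, ':')) == NULL)  /* end of the UID field */
        return ENTRY_MALFORMED;
    *p = '\0';

    /* A field that is not a clean number is reported, never read as 0. */
    if (parse_uid(uid_field, &uid) != UID_OK)
        return ENTRY_MALFORMED;
    if (uid == 0 && strcmp(name, "root") != 0)
        return ENTRY_EXTRA_UID0;
    return ENTRY_OK;
}

/* Constructed sample data, not taken from a real system. */
static const char *const sample_passwd[] = {
    "root:x:0:0:root:/root:/bin/bash",
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin",
    "rroot:x:0:0::/home/rroot:/bin/sh",
    "faxrcv:x:FAXRCV:100::/var/fax:/bin/false",
};
#define SAMPLE_COUNT (sizeof sample_passwd / sizeof sample_passwd[0])

/* Count the sample lines that produce a given finding. */
size_t count_findings(enum finding wanted)
{
    size_t i, n = 0;
    for (i = 0; i < SAMPLE_COUNT; i++)
        if (audit_passwd_line(sample_passwd[i]) == wanted)
            n++;
    return n;
}

int main(void)
{
    static const char *const names[] = { "ok", "EXTRA UID 0", "MALFORMED" };
    size_t i;

    printf("atoi(\"FAXRCV\") = %d, parse_uid status = %d\n",
           atoi("FAXRCV"), (int)parse_uid("FAXRCV", NULL));
    for (i = 0; i < SAMPLE_COUNT; i++)
        printf("%-12s %s\n", names[audit_passwd_line(sample_passwd[i])],
               sample_passwd[i]);
    return 0;
}
```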
  13. Not a backdoor by Anonymous Coward · · Score: 0

    The technique does not allow a hacker to remotely infect a computer

    I think that "security" "researcher" (both terms used very loosely here), needs to re-evaluate his life choice of a profession. So he's taking an already compromised machine and editing the registry to gain remote access, which most likely already exists on a compromised system. Um, I think we found why there has been no news about this. It's a non-issue, not newsworthy and not a security issue at all.

    1. Re:Not a backdoor by Anonymous Coward · · Score: 0

      Yes, but what about the dumbass editor that posted it here?

    2. Re:Not a backdoor by viperidaenz · · Score: 1

      They're doing their job fantastically.
      That being "post click-bait headlines to increase ad revenue"

    3. Re: Not a backdoor by Anonymous Coward · · Score: 0

      The long term effect of which is declining readership.

      I certainly noticed the comments are all well below 100 now, sometimes below 50.

      I don't bother coming here more than once every few weeks, down from daily a couple of years ago.

      New owners done fucked it.

  14. Re:creimer tried backdooring a woman by Anonymous Coward · · Score: 0

    Well he is like a gnarled toothpick in a hallway.

  15. You have been warned by Anonymous Coward · · Score: 0

    Now run! Run to the hills! Run as fast as you can! To the hills! DO RUN! RUN! RUN! DO RUN!

    Let me explain.

  16. Microsoft Is Stamping That Shit Out SOON by Anonymous Coward · · Score: 0

    domain-join all workstations against a locally-deployed AD

    Nope. /finger wag

  17. Diarrhea is not a good choice for a nice bisque by Anonymous Coward · · Score: 0

    Now if you want to do a chili, diarrhea may just be your best bet.

  18. Just another sky is falling researcher by Anonymous Coward · · Score: 0

    How many of these come out and nobody ever attempts to apply them in the wild? Look at the spectacle of Meltdown/Spectre and we have yet to see any significant attempt at exploiting any of it. That's because there are so many easier ways to get information in bigger form hacking Facebook's or other data centers.

  19. Stupid by duke_cheetah2003 · · Score: 1

    This is dumb. The exploit requires you break into the system by other means. And if you're successful with that, why the hell would you need this after you've already compromised the system?

    1. Re:Stupid by Anonymous Coward · · Score: 0

      This is a way to give a user admin rights without belonging to the administrators localgroup. If the sysadmins only audit by checking group membership, the user could retain admin rights long after having them on a temporary basis.

  20. Millenial discovers user and group permissions? by Fly+Swatter · · Score: 1

    I guess that is news.

  21. Re:If you can add someone to the administrator gro by Anonymous Coward · · Score: 0

    Mod that guy up, he nailed it.

  22. Why would one require admin privileges at all? by Anonymous Coward · · Score: 0

    All the user's important data will be in the account that already has to be hacked as a premise for this.

    The whole concept of admin accounts is from a time of mainframes, and useless for personal computers. Only on servers does it still make sense. But it’s not like Google users would actually get a real user on Google's systems. So even in these cases it's rarely ever used. Even in the cases where it would be useful.

    Android made me think of how it should be: Privilege separation should be by source. Or to be more precise: They should map to trust relationships between sources of things. Not only for files loaded by a browser or the like, or for applications, but even for the kernel, drivers, libraries, etc. Hell, ideally, for *hardware* components too!

  23. Old news by Anonymous Coward · · Score: 0

    People were doing this in the 90's to privilege escalate on Windows NT.

  24. Re:c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    fag.

  25. "security researcher from Colombia" by Anonymous Coward · · Score: 0

    There are security researchers in Colombia?

    1. Re:"security researcher from Colombia" by Anonymous Coward · · Score: 0

      I believe this article is definitive proof there are no security researchers in Colombia. This sounds like a "hack" I found fucking around in the registry in Windows 95 thinking I was oh so cool...

  26. Bit of a lack of detail by viperidaenz · · Score: 1

    But it doesn't say a low privilege account can run this exploit.

    Sounds more like "admin level account can give admin access to non-admin account" issue. Which you can do anyway...

    Now if the guest account had permission to alter those registry keys, that would be more serious. Nowhere do they say that's the case.

  27. No need for cite! by Anonymous Coward · · Score: 0

    We have "hackers" on the loose! "Hackers" on the prowl! "HACKERS!" I'ma tellin j00!

  28. Re:c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    Oh get a fucking life you ridiculous person.

  29. Re:c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    Your software is just crap - written in crayon, fictional... I'm going to continue using the Host File Engine as a punchline to a joke by mmell February 17, 2017

    Your premise that hostfiles are a good way to deal with advertising and malvertising is fucking insane - by JazzLad April 20, 2016

    his hosts "program" is actually a broken batch file by xenotransplant August 10 2015

    his hosts tool is actually useful for those cases in which one does indeed want to be a laughingstock while consuming excessive amounts of alcohol by alexgieg September 25 2015

    I do use APK's host file in all my memes at home by OrangeTide December 01 2017

    I've never tried to belittle (APK's work), I've flat out said it's crap - by BronsCon (927697)

    I like your tinfoil hat by Karmashock September 09 2015

    that APK nut, I can't get him to stop talking about his piece of shit file by rogoshen1 Tuesday March 03, 2015

    I personally never would use a HOSTS file blocker produced from a retard called APK by 110010001000 October 27 2017

    APK

    P.S.=> When YOU do better than THAT by our /. registered peers, then talk (from behind your FAKE NAME for your FAKE LIE of a "so-called" WASTED life) - ok? apk

  30. c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    See subject: his FAKEname on a post impersonating me https://linux.slashdot.org/com... & altering /.er's words.

    c6gunner tried to mock me 1st https://linux.slashdot.org/com...

    So I challenge c6gunner to show he did better work than mine & he CAN'T!

    YOU DEMAND PROOF of others here?

    "I've yet to see you provide any evidence of that." by c6gunner on Monday March 15, 2010 @10:02PM (#31490942) ?

    So now I DEMAND IT OF YOU & YOU FAIL!

    c6gunner = "Run, Forrest: RUN!!!

    * c6gunner's LYING saying I did a MacOS X one - I haven't yet & c6gunner's LYING impersonating me saying hosts work vs. Intel CPU issues (spectre/meltdown).

    APK

    P.S.=> You say hosts = shit here https://slashdot.org/comments.... ?

    FACTS: /.ers & security pros + RESULTS say DIFFERENT:

    1st: /.ers https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments....

    2nd: SECURITY PROS https://slashdot.org/comments....

    3rd: REAL RESULTS w/ hosts vs. threats https://slashdot.org/comments....

    EAT YOUR WORDS!

  31. Wait what? by Anonymous Coward · · Score: 0

    Don't you need admin to edit the registry?

    1. Re:Wait what? by Locke2005 · · Score: 1

      Not if you take the hard drive out, attach it to another computer, and edit the file, you don't.

      --
      I've abandoned my search for truth; now I'm just looking for some useful delusions.
  32. Re: c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    Sounds gay, maybe stick your head in the toilet and flush?

  33. My actual post not your impersonation by Anonymous Coward · · Score: 0

    Your software is just fine - well written, functional... I'm going to continue using the Host File Engine by mmell February 17, 2017

    his hosts program is actually pretty good by xenotransplant August 10 2015

    I've tried his hosts file generating software. It works. - by bmo (77928) on Thursday October 15, 2015

    I do use APK's host file on all my systems at home by OrangeTide December 01 2017

    I've never tried to belittle (APK's work), I've flat out said it's good - by BronsCon (927697)

    I like your host file system by Karmashock September 09 2015

    I would like to note that I find your hosts file admirable - by vel-ex-tech (4337079) on Tuesday November 24, 2015

    I personally use a HOSTS file blocker produced from a genius called APK by 110010001000 October 27 2017

      FROM https://news.slashdot.org/comm...

    APK

    P.S.=> YOU wish you could manage users liking & using + praising work you did but you're too UNSKILLED to EVER manage that yourself you IMPERSONATOR of me... apk

  34. If you have admin rights, you can grant them by Attila+Dimedici · · Score: 1

    If I am reading the summary correctly, what they are saying is that if you have admin rights, you can grant other users admin rights.

    --
    The truth is that all men having power ought to be mistrusted. James Madison
  35. Re: c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    It's a Human Centipede reference

  36. Once again... by Locke2005 · · Score: 0

    If a hacker has physical access to the hard drive of a computer, it isn't secure! (Barring encrypting the drive in a way that ties it to specific hardware, in which case, if that hardware fails, then all your data is lost.)

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  37. I am sorry for impersonating APK... zip by Anonymous Coward · · Score: 0

    See subject: I got caught impersonating APK and I'm completely embarrassed. He repeatedly dusted me and showed I know next to nothing about tech. He's also right that I haven't written useful wares that registered /.ers like & use. Rather than admit that I'm not world-class and wish I was APK, I chose to impersonate him.

    * I'm sorry for behaving this way. I've lost all credibility and should never post on Slashdot again.

    I worked with c6gunner and Zontar The Mindless to impersonate APK, but really we just made ourselves look stupid. I just hope I'm smart enough to learn my lesson and can stop being a do-nothing FAKEname "ne'er-do-well" like Zontar and c6gunner.

    ZIP

    P.S.=> I'm sorry, APK. I'm truly embarrassed by what I did... zip

    1. Re: I am sorry for impersonating APK... zip by Anonymous Coward · · Score: 0

      Wow, APK whines incessantly about supposedly being impersonated, then proceeds to impersonate ZIP and lie about c6gunner and Zontar. APK, everyone knows you wrote the parent post, and you're a lying hypocritical shitbag.

  38. Back door is not new.... by Anonymous Coward · · Score: 0

    Are the researchers using the Back Door designed for Microsoft to access Windows?
    Are the researchers using the Back Door designed for FBI to access Windows?

    Is this actually a new back door they found or created?????

  39. Oh, you're SO "clever" (not)... apk by Anonymous Coward · · Score: 0

    See subject: I wondered who did that (not I - I don't stoop LOW as you trolls). ZIP embarrasses himself https://yro.slashdot.org/comme... CLAIMING he is a "better programmer" than I, yet has NOTHING TO SHOW FOR HIMSELF (especially in the eyes of our /. peers, but I do by the DOZENS, let alone 100,000++ users of that ware too). He also tried to CLAIM that saying he 'found the fix' for C++ buffer overflows I LONG BEFORE STATED IN THE SAME THREAD!

    * You're REALLY "reaching" & DESPERATE now aren't you?

    APK

    P.S.=> Your "reasoning" & "scheming" idiocy reminds me of a homosexual I know who 'freaks out' the way you do with ILLOGIC-LOGIC tricks he tries to use & always FAILS in (in real life, lol - it's HILARIOUS but pitiful (like you))... apk

    1. Re:Oh, you're SO "clever" (not)... apk by Anonymous Coward · · Score: 0

      Yet you are an embarrassment to the mentally disabled. You are too dumb to even realize that you lose every argument. Enjoy your $1 house your parents sold you after you lived in the basement (we've seen your historic lower level address at that location).

  40. Re:c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    SPH

  41. With UEFI one can hide a root kit by Trax3001BBS · · Score: 0

    If no one can see the problem here, they're avoiding it.

    https://blogs.technet.microsof...

  42. for an encore by spongman · · Score: 1

    he went on to show that `sudo passwd root` was a privilege elevation exploit.

  43. Re:c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    How about you go and fist your own asshole instead of posting your garbage. It would be much more productive and then slashdot would be more enjoyable for everyone else too.

  44. welp by evanchik · · Score: 1

    at least it's fixed now.....10 years later. I found a couple 0days in my life, I took the fame and money though

  45. Correct you're embarrassed & mental by Anonymous Coward · · Score: 0

    Correct U.R. embarrassed & mental (lol)! I embarrass u CONSTANTLY like I did again today (via facts u can't beat) https://tech.slashdot.org/comm...

    SIMON WEEZILThal, you LOSE/FAIL as always vs. me, lol!

    APK

    P.S.=> Accept it you INFERIOR DEFECTIVE LOON that STALKS me via UNIDENTIFIABLE anonymous posts like the "WEEZILthal" you are, lol... apk

  46. c6gunner IMPERSONATING me again? by Anonymous Coward · · Score: 0

    See subject: his FAKEname on a post impersonating me https://linux.slashdot.org/com... & altering /.er's words.

    c6gunner tried to mock me 1st https://linux.slashdot.org/com...

    So I challenge c6gunner to show he did better work than mine & he CAN'T!

    YOU DEMAND PROOF of others here?

    "I've yet to see you provide any evidence of that." by c6gunner on Monday March 15, 2010 @10:02PM (#31490942) ?

    So now I DEMAND IT OF YOU & YOU FAIL!

    c6gunner = "Run, Forrest: RUN!!!

    * c6gunner's LYING saying I did a MacOS X one - I haven't yet & c6gunner's LYING impersonating me saying hosts work vs. Intel CPU issues (spectre/meltdown).

    APK

    P.S.=> You say hosts = shit here https://slashdot.org/comments.... ?

    FACTS: /.ers & security pros + RESULTS say DIFFERENT:

    1st: /.ers https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments.... https://slashdot.org/comments....

    2nd: SECURITY PROS https://slashdot.org/comments....

    3rd: REAL RESULTS w/ hosts vs. threats https://slashdot.org/comments....

    EAT YOUR WORDS!

  47. Mr. Impersonator of me, still SORE? apk by Anonymous Coward · · Score: 0

    Mr. Impersonator of me: Still sore from the ASS-KICKING I gave you here https://tech.slashdot.org/comm... & https://tech.slashdot.org/comm... + https://tech.slashdot.org/comm... too?

    YES, obviously - lol, your "effete revenge" was DOWNMODS I ran you DRY of as always!

    After you tried VAINLY to "downmod" HIDE all of that is showing here & UNDENIABLE https://tech.slashdot.org/comm... LITERALLY (I just reposted to NULLIFY your 'wannabe weapon' NEUTRALIZING it & EXPOSING YOU LOSING to me, lol!).

    APK

    P.S.=> I love it - especially seeing u REDUCED to TRYING to LIE about me (or LIBEL me) as you IMPERSONATE me (proving you WISH you were me, but you're INFERIOR imitation (& just plain INFERIOR on ALL levels))... apk

  48. Mr. Impersonator of me, still SORE? apk by Anonymous Coward · · Score: 0

    Mr. Impersonator of me: Still sore from the ASS-KICKING I gave you here https://tech.slashdot.org/comm... & https://tech.slashdot.org/comm... + https://tech.slashdot.org/comm... too?

    YES, obviously - lol, your "effete revenge" was DOWNMODS I ran you DRY of as always! YOU NEED TO SEEK PROFESSIONAL HELP because YOU trying to "take me on"? Always a HUGE DEFEAT for you, so you? Must be INSANE.

    After you tried VAINLY to "downmod" HIDE all of that is showing here & UNDENIABLE https://tech.slashdot.org/comm... LITERALLY (I just reposted to NULLIFY your 'wannabe weapon' NEUTRALIZING it & EXPOSING YOU LOSING to me, lol!).

    APK

    P.S.=> I love it - especially seeing u REDUCED to TRYING to LIE about me (or LIBEL me) as you IMPERSONATE me (proving you WISH you were me, but you're INFERIOR imitation (& just plain INFERIOR on ALL levels))... apk